10 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-23913
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the...
DEBIAN-CVE-2023-23913
There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method,...
UBUNTU-CVE-2023-23913
There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method,...
Google Pixel Security Breach
Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the initdata method of the TBD module, which may result in out-of-bounds writes...
Google Pixel Security Breach
Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the initdata method of the TBD module, which may result in out-of-bounds writes...
GHSA-XP5H-F8JF-RC8Q rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements
NOTE: rails-ujs is part of Rails/actionview since 5.1.0. There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML...
SUSE CVE-2023-23913
There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method,...
PT-2023-19296 · Ruby On Rails +1 · Rails-Ujs +1
Name of the Vulnerable Software and Affected Versions: rails-ujs versions 5.1.0 through 6.1.7.2 rails-ujs versions 5.1.0 through 7.0.4.2 Description: There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned...
Cross-site Scripting (XSS)
Overview rails is an opensource MVC web framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper user-input sanitization, by leveraging the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential ...
PT-2023-2888 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions 12.02 through 12.1.0 Description: This issue allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability, where the targ...